Your IP : 172.28.240.42


Current Path : /usr/lib/python2.7/dist-packages/ufw/
Upload File :
Current File : //usr/lib/python2.7/dist-packages/ufw/frontend.pyc


^Oc@sdZddlZddlZddlZddlmZddlZddlmZm	Z	ddl
mZddlZdZ
dZdd
d	YZdS(s'frontend.py: frontend interface for ufwiN(tUFWError(terrortwarn(tUFWBackendIptablescCstjj}x?ddddddddgD]}|jtjj|q.Wx3d	d
ddgD]}|jtjj|qdWx9d
dddddgD]}|jtjj|qWx0dddgD]}|jtjj|qWx0d*ddgD]}|jtjj	|qWx<dddddddgD]}|jtjj
|qEWddddd d!g}x'|D]}|jtjj|qWt|d"kr#d#}||j
d$krd"}n||j
dkr#||j
|kr#|j|d%q#nt|d"ksSd$|krpt|d&krptjd'IJtjd#ny|j|d#}WnTtk
r}tjd(|jIJtjd#n!tk
rtjd)IJnX|S(+sEParse command. Returns tuple for action, rule, ip_version and dryrun.tenabletdisablethelps--helptversions	--versiontreloadtresettlisttinfotdefaulttupdatetontofftlowtmediumthightfulltallowtdenytrejecttverbosetnumberedtrawsbefore-ruless
user-rulessafter-ruless
logging-rulestbuiltinst	listeningtlimittinserttdeleteiis	--dry-runtruleisERROR: not enough argss	ERROR: %ssInvalid syntaxN(tufwtparsert	UFWParsertregister_commandtUFWCommandBasict
UFWCommandApptUFWCommandLoggingtUFWCommandDefaulttNonetUFWCommandStatustUFWCommandShowtUFWCommandRuletlentlowerRtsyststderrtexitt
parse_commandRtvaluet	Exception(targvtptit
rule_commandstidxtprte((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyR1sJ
	0


cCstditjjd6dd6dd6dd6dd6d	d
6dd6d
d6dd6dd6dd6dd6dd6dd6dd6dd6dd6d d 6d!d!6d"d#6d$d%6d&d'6d(d)6d*d*6d+d,6d-d.6d/d06d1d26d3d46d5d66}|S(7sPrint help messagesb
Usage: %(progname)s %(command)s

%(commands)s:
 %(enable)-31s enables the firewall
 %(disable)-31s disables the firewall
 %(default)-31s set default policy
 %(logging)-31s set logging to %(level)s
 %(allow)-31s add allow %(rule)s
 %(deny)-31s add deny %(rule)s
 %(reject)-31s add reject %(rule)s
 %(limit)-31s add limit %(rule)s
 %(delete)-31s delete %(urule)s
 %(insert)-31s insert %(urule)s at %(number)s
 %(reset)-31s reset firewall
 %(status)-31s show firewall status
 %(statusnum)-31s show firewall status as numbered list of %(rules)s
 %(statusverbose)-31s show verbose firewall status
 %(show)-31s show firewall report
 %(version)-31s display version information

%(appcommands)s:
 %(applist)-31s list application profiles
 %(appinfo)-31s show information on %(profile)s
 %(appupdate)-31s update %(profile)s
 %(appdefault)-31s set default application policy
tprognametCOMMANDtcommandtCommandstcommandsRRsdefault ARGRs
logging LEVELtloggingtLEVELtlevels
allow ARGSRRs	deny ARGSRsreject ARGSRs
limit ARGSRsdelete RULE|NUMRtRULEturulesinsert NUM RULERtNUMtnumberR	tstatussstatus numberedt	statusnumtRULEStrulessstatus verboset
statusverbosesshow ARGtshowRsApplication profile commandstappcommandssapp listtapplistsapp info PROFILEtappinfotPROFILEtprofilesapp update PROFILEt	appupdatesapp default ARGt
appdefault(t_R tcommontprogramName(tmsg((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytget_command_helpXs@tUFWFrontendcBseZdZddZdZdZdZeedZddZ	d	Z
d
ZedZedZ
d
ZdZdZdZdZdZdZedZRS(tUItiptablescCsz|dkr9yt||_WqItk
r5qIXntd|td|_td|_td|_dS(NR[sUnsupported backend type '%s'tntytyes(RtbackendR3RRTtnoR^tyes_full(tselftdryruntbackend_type((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyt__init__s

cCsd}d}|rd}nt}|r7|jjsM|rV|jjrVt}n|ry$|jj|jjdd|Wqtk
r}t|jqXnd}|rZy|jj	Wn%tk
r}|r|j}qnX|dkrKy$|jj|jjdddWn tk
r=}t|jnXt|nt
d}n@y|jjWn tk
r}t|jnXt
d}|S(slToggles ENABLED state in <config_dir>/ufw/ufw.conf and starts or
           stops running firewall.
        tR`R^tconftENABLEDs0Firewall is active and enabled on system startups/Firewall stopped and disabled on system startup(tFalseR_t
is_enabledtTruetset_defaulttfilesRRR2tstart_firewallRTt
stop_firewall(Rbtenabledtrest
config_strtchangedR:t	error_str((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytset_enabledsF		
cCsrd}yE|jj||}|jjrJ|jj|jjnWn tk
rm}t|jnX|S(sSets default policy of firewallRf(R_tset_default_policyRjRoRnRRR2(Rbtpolicyt	directionRqR:((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyRvs
cCsCd}y|jj|}Wn tk
r>}t|jnX|S(sSets log level of firewallRf(R_tset_loglevelRRR2(RbRBRqR:((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyRyscCs@y|jj||}Wn tk
r;}t|jnX|S(sShows status of firewall(R_t
get_statusRRR2(RbRt
show_counttoutR:((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyRzs
RcCs=y|jj|}Wn tk
r8}t|jnX|S(sShows raw output of firewall(R_tget_running_rawRRR2(Rbt
rules_typeR|R:((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytget_show_raws
cCsd}ytjj|jj}Wn)tk
rPtd}t|nX|jj}|j	}|j
x.|D]&}|jjr|dkrq}n|d|7}||j	}|j
x|D]}x|||D]}	|	d}
|
jdr|
jdrd}|d	|7}|
d
ksE|
dkr`|d7}d
|	d}
n |d|
7}tjj|
}|dt
jj|	d7}tjjd|d ||
}|j|jd|dkr|jd|n|j|jj|}
t|
dkr|d7}xa|
D]V}|dkr1|dt|kr1|d|tjjj||df7}q1q1Wn|d7}qqWqWq}W|jjstjjdn|S(sShows listening servicesRfsCould not get listening statusttcp6tudp6s%s:
tladdrs127.s::1s  %s s0.0.0.0s::s* s%s/0s%s s(%s)texeRit6tinis
is   [%2d] %s
s)Skipping tcp6 and udp6 (IPv6 is disabled)(RR(R tutiltparse_netstat_outputR_tuse_ipv6R3RTRt	get_rulestkeystsortt
startswithtget_if_from_iptostpathtbasenameRUtUFWRuletset_v6tendswitht
set_interfacet	normalizetget_matchingR,R!R+tget_commandtdebug(RbRqtdterr_msgRJt	protocolstprototportstporttitemtaddrtifnameRtmatchingR6((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytget_show_listenings\






	


"	 cCsd}d}d}g}|jdkrF|jdkrF|j|n(g}y|jr(|dkr||jj|t}n|dkr|jj|t}n|dkr5|jj|t}|jj|t}xx|D]Q}	xH|D]@}
|
j}t|
_|	j	|
s||
_|j|
qqWqWnt
d|}t|t|dkr|jj
rt
d}|dkr|}n:|dkr|d}n!|dkr|d	|d}n|Sx|D]K}|j}|j|_|j|j|j|j|j|qWn.|jj|}|jdkrV|jnWntk
rmnXd}
t}t
d
}|jjt}|jjt}xt|D]\}}|}
|j||kr|t|jd7}t|nyX|jjr|dkrw|j|krU|t|jd7}t|n|jt|jj|}qY|dkr|j|kr|j|j|nD|jdkr|j|kr|t|jd7}t|n|jt|jj|}qY|dkr|j}|jt|jr||kr|jj|||
t}|dkr|j|q|jdn|jj|}|jr|dkr|jjt}|j|dn|jt|jr[|jdkr[|j|kr[|jj|jt}|dkrK|j||
q[|jdn|dkrt|d	7}n|jr|j|kr|j|j|n||jj|7}qYt
d|}t|n}|dks|dkr|jt|jj|}nC|dkr=t
d
}t|nt
d|}t|Wn#tk
r}|j}t}PnX|j rt
d}t!j"|qqW|s||7}nt|dkrt#|nt}t$|
d}|jx|D]}|
dkr||r||j}t|_y|j||Wqtk
rt}t
d|j%}t"|qXqqW|t
d7}|r|t
d7}n|t
d7}t||S(sUpdates firewall with ruleRftv4tv6tbothsInvalid IP version '%s'is"Could not delete non-existent rules (v6)s
sInvalid position 't'isIPv6 support not enableds Rule changed after normalizationsCould not back out rule '%s's"
Error applying application rules.s# Some rules could not be unapplied.s( Attempted rules successfully unapplied.(&tdapptsapptappendtremoveR_tget_app_rules_from_systemRiRkRtmatchRTRR,Rctdup_rulet
set_actiontactiontset_logtypetlogtypetget_app_rules_from_templatetpositiontreverseR3tget_rules_countt	enumeratetstrRRtset_ruletset_positiontfind_other_positionR2tupdatedtwarningsRRtrangetformat_rule(RbRt
ip_versionRqRttmpRJttmprulest	tmprules6txR]tprev6trtcountt	set_errortpos_err_msgtnum_v4tnum_v6R6tuser_posR5R:twarn_msgt
undo_errortindexestjtbackout_rule((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyRDs					

				




	
	
	

		



	
	
c
Csyt|}Wn-tk
r?td|}t|nX|jj}|dksm|t|krtd|}t|n|jj|}|std|}t|nt|_	d}|j
rd}nt}|stjj
j|}	tdi|	d6|jd6|jd	6}
tjtjj|
tjjjj}|d
kr||jkr||jkrt}qnd}|r|j||}ntd}|S(
sDelete rulesCould not find rule '%s'isCould not find rule '%d'RRs=Deleting:
 %(rule)s
Proceed with operation (%(yes)s|%(no)s)? RR^R`R]RftAborted(tintR3RTRR_RR,tget_rule_by_numberRkRRR R!R+RR^R`RtwriteR.tstdouttfilenotstdintreadlineR-tstripRaRiR(
RbRFtforceR\RRJRRtproceedtrstrtprompttansRq((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytdelete_rulesB
				

*c	Cs:d}|jdr^|jd}t|dkrL|j|d}q6|jd}n|dkr||jd}n|jdrtd	}|jd
}t|dkrt|n|j|d|d}nR|d
kr|j|}n4|dkr|j}n|dkr;|jt	}n|jdr|jd
d}|dkrx|j
}q6|j|}n|dkr|jtt	}n|dkr|j
t	}nm|dkr|j
t}nO|dkr:|jjr+|j
t|j
t	td}q6td}n|jdrk|j|jd
d|}n|dks|dks|dks|dkr|jdkrPyD|jj|j}||jkr||_|j|dnWqPtk
rL}|jst|jntjj|jsMtd}t|qMqPXn|jdkryD|jj|j}||jkr||_|j|dnWqtk
r}|jst|jntjj|jstd}t|qqXn|j||}ntd|}t||S( sPerform action on rule. action, rule and ip_version are usually
           based on return values from parse_command().
        Rfs
logging-onRTiRslogging-offRsdefault-sUnsupported default policyt-iiR	RGsstatus-verboseRLRsstatus-numberedRRRsFirewall reloadeds&Firewall not enabled (skipping reload)sdelete-RRRRtdstsInvalid profile namesUnsupported action '%s'(RtsplitR,RyRTRRvR	RzRkRRRiRuR_RjRRtfind_application_nametset_portRRR2R tapplicationstvalid_profile_nameRR(	RbRRRRRqRRR:((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyt	do_action,s

"$				cCsCd}y|jj|}Wn tk
r>}t|jnX|S(s+Sets default application policy of firewallRf(R_tset_default_application_policyRRR2(RbRwRqR:((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyRscCsK|jjj}|jtd}x|D]}|d|7}q/W|S(s*Display list of known application profilessAvailable applications:s
  %s(R_tprofilesRRRT(RbtnamesRR\((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytget_application_lists

cCs!g}|dkr1|jjj}|jn:tjj|s^td}t|n|j	|d}x|D]}|jjj
|s|jj|rtd|}t|ntjj||jj|std}t|n|td|7}|tdtjj|jj|7}|tdtjj
|jj|7}tjj|jj|}t|d	ksd
|dkr|td7}n|td
7}x|D]}|d|7}qW||t|d	krx|d7}qxqxWtjj|S(sDisplay information on profiletallsInvalid profile nameRfsCould not find profile '%s'sInvalid profilesProfile: %s
s
Title: %s
sDescription: %s

it,isPorts:sPort:s
  %ss

--

(R_RRRR RRRTRRthas_keytverify_profilet	get_titletget_descriptiont	get_portsR,Rt	wrap_text(RbtpnameRRRtnameRR5((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytget_application_infosB


	"
c	Csxd}t}t}y(|jjr9tjjr9t}nWntk
rSt}nX|dkr|jjj	}|j
x|D]P}|jj|\}}|r|dkr|d7}n||7}|}qqWn1|jj|\}}|dkr|d7}n|rt|jjrt|ray|jj
Wntk
rMnX|td7}qt|td7}n|S(sRefresh application profileRfRs
sFirewall reloadedsSkipped reloading firewall(RkRiR_t	do_checksR Rt	under_sshR3RRRtupdate_app_ruleRjt_reload_user_rulesRT(	RbRQRtallow_reloadttrigger_reloadRR5Rtfound((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytapplication_updates<








cCs{d}d}|dkr3td}t|n|jjd}|dkrmtjjd||f|S|dkrd}nF|d	krd
}n1|dkrd}ntd|}t|d
g}|jjr|jdn|||g7}yt	|}Wnt
k
r#nX|jjdr_|j
|j|jd|jd}n|j
|jdd}|S(sRefresh application profileRfRs%Cannot specify 'all' with '--add-new'tdefault_application_policytskips'Policy is '%s', not adding profile '%s'tacceptRtdropRRsUnknown policy '%s'R s	--dry-runRtiptype(RTRR_tdefaultsR RRRcRR1R3tdataRRR(RbRQRRwRRtargsR9((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytapplication_adds>				
cCsTd}|dkr$|jd}n,|dkrB|jd}n|dkr`|jd}n|dkr~|jd	}n|d
kr|j}n|dkr|j|}n|dks|d
kr4|j|}d}|d
kr|j|}n|dkr'|dkr'|d7}n||}ntd|}t||S(szPerform action on profile. action and profile are usually based on
           return values from parse_command().
        Rfs
default-allowRsdefault-denyRsdefault-rejectRsdefault-skipRR
RR
supdate-with-news
sUnsupported action '%s'(RRRRRRTR(RbRRQRqtstr1tstr2R((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytdo_application_actions0

cCst}|jjrtjjrtdi|jd6|jd6}t	j
tjj
|tjjjj}|dkr||jkr||jkrt}qn|S(s6If running under ssh, prompt the user for confirmationsWCommand may disrupt existing ssh connections. Proceed with operation (%(yes)s|%(no)s)? R^R`R](RkR_RR RRRTR^R`RRR.RRRRR-RRaRi(RbRRR((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pytcontinue_under_ssh6s	*cCs4d}tdi|jd6|jd6}|jjrltjjrltdi|jd6|jd6}n|jjr|rtj	t
jjtjj
|t
jjjj}|dkr||jkr||jkrtd}|Sn|jjr!||jt7}n|jj}|S(sReset the firewallRfsTResetting all rules to installed defaults. Proceed with operation (%(yes)s|%(no)s)? R^R`sResetting all rules to installed defaults. This may disrupt existing ssh connections. Proceed with operation (%(yes)s|%(no)s)? R]R(RTR^R`R_RR RRRRR.RRRRRR-RRaRjRuRiR	(RbRRqRR((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyR	Ds 		%*(t__name__t
__module__t__doc__ReRuRvRyRiRzRRRRRRRRRRRRR	(((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyRYs&	6	
	
			?	,T	
			.	+	*	 	((RRR.Rt
ufw.commonRtufw.utilR RRtufw.backend_iptablesRt
ufw.parserR1RXRY(((s0/usr/lib/python2.7/dist-packages/ufw/frontend.pyt<module>s	<	>